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ABSTRACT 

Mobile Nodes in some difficult areas subjected to intermittent network property and frequent partitions for e.g. 
battlefield. Disruption Tolerant Network (DTN) technologies are designed to specific situations wherever it will 
tolerate noise, attacks etc which means that nodes will get confidential information with none loss. Many 
application situations need a security for data that has secure access to information hold on in storage nodes at 
intervals a DTN or to contents of the messages routed through the network. Here, we have a tendency to use a 
way that allows secure access of data that is referred to as Ciphertext Policy Attributed-Based Encryption { CP- 
ABE) approach. There are many problems during this state of affairs. Some of those are control of policies 
needed for correct authentication of user and therefore the policies to retrieve the information. Therefore we 
have a tendency to use a promising solution i.e. Ciphertext-policy attribute-based encoding ( CP-ABE) to resolve 
the problem of accessing information. But, by applying CP-ABE in decentralized DTNs results into many 
security and privacy challenges with reference to the attribute revocation, key escrow, and coordination of 
attributes issued from multiple authorities. Here, we have a tendency to propose a secure and efficient 
management of data within the decentralized Disruption Tolerant Network (DTN) wherever multiple key 
authorities severally manage their attributes. 
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I. INTRODUCTION 

The design of the current Internet service models is based on a few assumptions such as (a) an end-to- 
end path that exists between a source and destination, and (b) delay between any node pair. Anyway, these 
assumptions do not hold in some networks. Some examples are: (i) in battlefield networks where soldiers carry 
wireless devices those operate in hostile environments where network jamming, environmental conditions and 
mobiUty of node may cause temporary disconnections, and (ii) vehicular ad-hoc networks where buses are used 
with wireless modems and have intermittent connectivity with one another. In the above scenarios, there may 
not exist an end-to-end path between a source and a destination pair always. Inorder to communicate the nodes 
with each other in such networking environments, the reseai'ch community has introduced a new aixhitecture 
called the disruption tolerant network (DTN) recently. Several DTN routing approaches have been proposed. 
Sometimes, the message sent by the source node may need to queued in the intermediate nodes for some amount 
of time, when connection to the intended destination has not been estabUshed. After the connection is 
established, the message is delivered to the destination node. 

Later, storage nodes ai-e inti'oduced in DTNs, where data is stored and will be repUcated such that only 
authorized users (or mobile nodes) can access the necessary information securely and quickly. Many miUtary 
applications require high level protection of confidential data including methods to access data that are 
cryptogi-aphically enforced. In several scenarios, it is required to provide services to access data such that the 
policies are defined over user attributes or roles to access data by authentic users and the attributes are managed 
by the key authorities. For example, in a disruption-tolerant miUtary network, a major (or commander) may 
store confidential information at a storage node, which should be accessed by members of "Battalion 1" who are 
participating in "Region 1." In this case, it is to be assumed that multiple key authorities are going to manage 
their own attributes for soldiers who are participating in their regions. We call this type of architecture as DTN 
(disruption tolerant network) architecture(i.e..,[l]), where multiple authorities are involved and generate their 
attribute keys by interacting with central authority which is referred as decentraUzed DTN(disruption tolerant 
network) 
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The method attribute-based encryption (ABE)(i.e..,[2]) is an approach that is appropriate for secure 
retrieval of data in DTNs(i.e..,[3]-[7]). ABE provides a mechanism where encryption is done based on attributes 
provided by users and defines policies over encrypted data. In ciphertext -policy ABE (CP-ABE) approach, it 
provides an encryption approach such that some attribute sets are defined by encryptor and the decryptor needs 
to possess those in order to decrypt the ciphertext. Thus, different users are allowed to decrypt data after 
satisfying the pohcies that are defined by data owner (or encryptor). 

However, by applying the ABE (i.e..[8])to DTNs inti'oduces several security and privacy 
challenges(i.e.[10]-[12]). First challenge is attribute revocation, some users may change their associated 
attributes at some point, or some private keys might be compromised by key authorities, since each attribute is 
shared by multiple users. This implies that any changes that made to attribute set by a single user affect the other 
users in the group. 

Another challenge is the key escrow [i.e. .,6] problem. In CP-ABE, the multiple key authorities make 
use of master keys and generate private keys of users. Thus, the key authority can generate the attribute keys of 
users and can decrypt every ciphertext belonging to specific users (i.e. .[9]). 

II. PROBLEM FORMULATION 

To improve the security for decentralized disruption tolerant military networks, Ciphertext-policy 
Atti'ibute-based Encryption (CP-ABE) algorithm can be used. CP-ABE is a promising cryptogi-aphic solution 
that solves the problem of accessing data. It is desirable to provide differentiated access services such that data 
access poUcies are defined over user attributes or roles, which are managed by the key authorities. To achieve 
data confidentiality, collusion resistance we use CP- ABE algorithm. 

III. LITERATURE SURVEY. 
S.Roy and M.chuah proposed CP-ABE system for DTNs. They used two types of encryption 
techniques along with CP-ABE. In the first technique, the data will be encrypted using symmetric key 
encryption. Then the result will be subjected to CP-ABE encryption .In the second technique, the data will be 
encrypted using a key encryption key (KEK) and then KEK will be encrypted using CP-ABE. They also 
extended CP- ABE method to support static and dynamic attributes [1]. 

D. Huang and M. Verma, proposed a scheme in the multi authority network environment known as 
decentralized Ciphertext-policy Attribute-based Encryption (CP-ABE). They achieved a combined access policy 
by encrypting the data multiple times over the attributes issued from multiple authorities [2]. 

A. Lewko and B. Waters proposed multi-authority attribute based encryption method. This method consists of 
multiple authorities that they manages different attributes of user. They do not require the central authority [3]. 

J. Bethencourt, A. Sahai, and B. Waters proposed a secure data access conti-ol method called as 
Ciphertext-policy attribute based encryption. In previous techniques hke in case of Attribute based encryption 
method the policies are defined with secret keys of users and the data will be stored in the storage nodes are 
highly insecured.But here, after encrypting data, the data owner will define some policies over encrypted data 
and it will be stored in the storage node. Inorder to get encrypted data which is stored in the storage node, the 
decryptor needs to satisfy the policies [4]. 

A. Boldyreva, V. Goyal, and V. Kumar proposed a method that is an alternative to the public key 
encryption method called as Identity based encryption technique. Here the encryption will be done based on the 
identity of users by using trusted authority. The main advantage of this technique is the users do not need to 
have public keys and is secure technique [5]. 

Chase and S. M. Chow presented a distributed key-poUcy Attribute-based Encryption (KP-ABE) 
scheme that solves the key escrow problem in a multi authority system. In this scheme, multiple authorities are 
participating to generate attribute keys using the key generation protocol in a distributed way such that they 
cannot collect their data and get attribute sets that are belonging to the same user [6]. 

Chase proposed multi authority key-policy Attribute-based Encryption (KP-ABE). Here multiple 
authorities involved in generating the private keys of users and user uses key-policy technique where policies 
ai-e defined over the private keys of user for enforcement of encrypted data and hence this method provides 
reliable access of data to data users [7]. 
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IV. WORKING PROCESS OF THE SYSTEM 

Our system uses CP-ABE (Ciphertext policy-attribute based encryption) in decentralized disruption 
tolerant networks (DTNs).The system architecture is shown below. 



User 





Fig4. 1 . Block diagram 



In above Fig4.1, the System architecture consists of four components. They are 

1) Sender 

2) Key authorities 

3) Storage node 

4) Users 

1) Sender: sender requests key to key authority required to encrypt the confidential message. 

2) Key authorities: There are two types of authorities. 



a) Central authority: This authority manages all local authorities and in which 2pc protocol has been used. 

b) Local authority: multiple local authorities generate key based on set of attributes provided by sender using 
key generation protocol called as 2PC protocol. 

3) Storage node: sender will encrypt message using key and will be stored it into storage node provided with 
access policies. 

4) Users: After satisfying policies, Users retrieve encrypted data and request key from key authority and 
decrypt the data using key. 
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V. INTERPRETATION OF RESULT 



Communication Cost 
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Here, the graph is drawn No of request vs cost and the cost is measured in bits. Here, X-axis contains 
No_of_request and Y-axis contains Cost in bits. From the graph it is observed that the cost is going to be 
increased as number of user requests increased which is very low. 

VI. SECURITY 

Our system provides security in terms of following 

1) Collusion resistance: 

Our system provides protection against two types of collusions, one is collusion against multiple 
local key authorities. When local key authorities collude among themselves they can get a key required to 
decrypt the ciphertext. Hence our system consists of central key authority that manages all the local key 
authorities and hence provide collusion protection among users, another is collusion against users, if multiple 
users collude they can get ciphertext without requiring key. hence our system provide protection against 
collusion among users also. 

2) Data confidentiality: 

In our system data confidentiality can be achieved by providing external storage nodes. 

V.CONCLUSION AND FUTURE SCOPE 

Disruption Tolerant Network (DTN) technologies are designed to specific apphcations such as military 
applications where soldiers use wireless devices to communicate with one another and access the confidential 
information reliably by using external storage nodes. We use a cryptographic solution i.e. Ciphertext-policy 
attribute-based encryption (CP-ABE) to solve the problem of accessing data i.e. data owner (encryptor) defines 
policies and decryptor needs to satisfy the poUcies to get ciphertext from storage node. In this paper, we 
proposed an efficient and secure management of data using CP-ABE for decentralized DTNs where multiple 
key authorities manage their attributes independently. Here we solved key escrow problem such that the 
confidentiality of the stored data is not violated even under the extreme situations such as key authorities might 
be compromised. In addition, key revocation problem can be done for each attribute group. The future scope of 
proposed system can be extended to block unauthorized users and it can also be extended to encrypt and decrypt 
videos and other forms of data. 
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